[Dshield] I was going to say it's slowed down,,,,but.

castu castu at jfkadatc.net
Tue Aug 7 10:36:53 GMT 2001


> What can I do to stop this person?  The patch is
> on, my firewall is dropping the connections but
> how can I get them to stop?

The only thing you can do is to track the IP down
and report it. If you are getting a lot of
repeats, get on the phone and call.

As far as altering the CRII to patch infected
machines, the only problem I see is how would you
get paid for it? If an admin is too damn lazy or
ignorant to patch his server, then any work done
on said box should be followed up with an invoice.

I know of one individual who was infected - he had
never patched his IIS box aside from SP3. Why? He
was looking for uptime!




More information about the list mailing list